CLOSE THE SECURITY GAP Malicious actors are more clever, creative and persistent than ever, releasing millions of threats each year. Attacks change so rapidly that signature and behavior-based protection solutions can’t keep up — even sophisticated AI/ML threat-hunting solutions simply chase faster. Adversaries use their profound knowledge of the target environment to develop stealthy, highly-targeted attacks, employing polymorphism, obfuscation, encryption and other advanced techniques to evade security mechanisms. Morphisec always stays a step ahead.
REDUCE SECURITY RISK AND COSTSMorphisec makes a true prevention-first approach possible with its Moving Target Defense-based platform. Other solutions use various detection technologies to first identify, then stop an attack. This leaves enterprises exposed to unknown attacks or those that leave no indicators. Morphisec first stops, then identifies the attack. No guessing, no hunting for missed attacks, no damage to remediate. Morphisec blocks exploits, evasive malware and fileless attacks pre-execution deterministically, without relying on IOCs, before any damage happens. It deploys easily into existing security infrastructures and does not generate false-positives or compromise system or network performance.
Built to Defeat Fileless Attacks
Fileless, in-memory attacks evade detection by co-opting legitimate system resources. They are 10x more likely than malware attacks to breach your company. Morphisec pre-emptively prevents such attacks by making these resources inaccessible.
Earliest-stage, Proactive Threat Prevention
Morphisec’s Moving Target Defense-based platform prevents known and unknown threats at the earliest stage of the attack lifecycle.
• Prevent advanced threats and zero-days immediately and completely. No detecting, guessing or hunting for missed attacks.
• Set it and forget it. Non-invasive agent with zero performance degradation and no updates needed.
• Reduce false-positives. No alert fatigue or wasting resources on attacks that never occurred.
• Replace legacy antivirus with a far more secure alternative at no additional cost via Morphisec’s Defender AV integration.
Security That Makes IT Happy
Cut your security risk without cutting into business operations or productivity. Morphisec is built from the ground up to align business and security needs.
• Prevent threats without continuous monitoring or generating reams of data.
• Reduce IT complexity and protect business continuity.
• Protect in-between patching cycles; employ as a Windows 7 compensating control.
• Gain visibility into all endpoint attacks including Microsoft Defender AV events.
• View full attack timeline and correlate events to make smarter, faster decisions.
• Easily deploy across virtual, physical or hybrid IT environments.
Morphisec Unified Threat PreventionPROTECT AGAINST THE UNKNOWN WITH MOVING TARGET DEFENSE
Protect your business from zero-days and evasive advanced threats with Moving Target Defense. Morphisec works behind the scenes to safeguard your applications and web browsers and prevent any attempts at access. You get powerful protection that is deceptively simple to operate, no need to compromise.
BENEFITS
STOP ADVANCED UNKNOWN THREATS Prevents zero-days, fi leless memory attacks, malicious documents and browser-based threats at the moment of attack
VIRTUALLY PATCH VULNERABILITIESKeeps your business protected from vulnerability exploits when patches not yet available or deployed
CUT SECURITY OPERATIONAL COSTSNo need to investigate or analyze, no false positive alerts, no remediation costs
GET REAL-TIME END-TO-END VISIBILITYOptics into all endpoint events and full chain of attack
COMPENSATING CONTROLActs as a Windows 7 compensating control for compliance purposes
SIMPLE TO OPERATELightweight single agent works on and offl ine, installs quickly, requires no management and has zero performance penalty
MOVING TARGET DEFENSEMoving Target Defense is a pre-emptive early prevention strategy that uses stealth tactics employed by hackers, like deception, obfuscation, modifi cation, and polymorphism. Morphisec Unifi ed Threat Prevention is the only endpoint protection platform to employ this highly sophisticated technology. Its patented polymorphic engine continuously and randomly moves and morphs memory resources — the main target of advanced attacks. This dismantles the attack delivery mechanisms and killchain, preventing threats instantaneously and unconditionally.
Morphisec protects endpoints from all known and unknown exploit-based, memory injection attacks in applications such as browsers and productivity tools. It prevents evasive attacks, zero-days and attacks targeting known but unpatched vulnerabilities. It does so in a deterministic manner, without generating alerts to be analyzed, via a lightweight, 2MB agent requiring no administration.
MORPHISEC UNIFIED THREAT PREVENTION
HOW IT WORKS
MORPH & CONCEAL: Turning endpoints into unpredictable targets
As an application loads to the memory space, Morphisec morphs the process structure, relocating and transforming libraries, functions, variables and other data segments in a controlled manner. Each run is unique, per process instance, making the memory constantly unpredictable to attackers.
PROTECT & DECEIVE: Controlled access to the morphed structure
Legitimate application code memory is dynamically updated to use the morphed resources. Applications continues to load and run as usual. A lightweight skeleton of the original structure is left as a trap.
PREVENT & UNCOVER: Neutralize and expose attacks
Attacks target the original structure and fail, unable to access the resources they expect and need in order to execute. Attacks are immediately prevented, trapped and logged with full forensic details.
2.
1.
3.
TRUSTEDCODE
SKELETON APPLICATION KEPT AS DECOY
MORPHED APPLICATIONMEMORYTRAP
MALICIOUSCODE INJECTION
CALL TO ORIGINAL RESOURCES EXPOSES
AND TRAPS THE ATTACK
MORPHISEC UNIFIED THREAT PREVENTION
ENDPOINTS
SERVERS/VDI
ENTERPRISESIEM
REPOSITORY UNIFIED SECURITY CENTER
CLOUD/ON-PREMISEMANAGEMENT SERVERSOLUTION INFRASTRUCTURE
Morphisec Endpoint Threat Prevention is a Windows Service application built on a highly scalable, tiered architecture. It can support organizations of any size, in a single or multi-site confi guration. Blocked attacks are logged, along with the full attack fi ngerprint, and reported to the Management Console or organizational SIEM for forensic analysis. All communication is encrypted, and connections between tamper-resistant agents and servers are mutually authenticated.
MANAGEMENT SERVER
On-premise or cloud-based, the Management Server handles endpoint agent management and tracking, SIEM integration and dashboard generation.
UNIFIED SECURITY CENTER
The Unifi ed Security Center provides complete system control and end-to-end visibility into organization threats via clear, powerful, customizable dashboards.
• Organizational risk posture based on attack and exploit prevention volume and customizable KPIs
• Consolidated view of all attacks on the endpoint, including Defender AV events
• Forensics and analytics for enhanced intelligence and drill-down
• Automated reporting and threat prevention notifi cation
KEY COMPONENTS
AGENT
• All prevention functions are performed autonomously by our lightweight 2MB DLL Protector endpoint agent
• Prevent attacks without prior knowledge — no need to update rules, signatures or databases, and no learning algorithms
• Fully application agnostic — safeguards all your applications without tedious confi guration
• No runtime components and securely communicates with the Unifi ed Security Centerfor reporting and tracking purposes only
SUITABLE FOR ENTERPRISE AND MID-SIZED BUSINESSESMorphisec adapts to the business needs of organizations of all sizes, protecting systems, intellectual property and brand without impeding operations. Enterprise-critical features include end-to-end threat visibility, auditing capabilities, Active Directory integration and seamless integration with organizational deployment systems and SIEMs.
Morphisec’s unparalleled prevention capabilities do not depend on the forensic data captured. So businesses with limited resources get the same level of protection as large enterprises. The system does not require daily maintenance or rule setting. And because Morphisec has zero performance impact at run-time, it easily supports endpoints that require high performance and cannot afford rapid changes.
Morphisec for VDI
Morphisec consumes zero CPU and does not require updates to prevent new threats, so it does not degrade VDI performance or impact instance load times. Morphisec Unified Threat Prevention protects across virtual, physical and hybrid environments, with seamless support for all major VDI systems, both persistent and non-persistent (pooled) running at the VDI level. It also supports Application Virtualization platforms such as Citrix XenApp.
Third Party Partnerships and Integrations
• MISA partner: Member of the Microsoft Intelligent Security Association, integration with Microsoft Defender ATP
• CitrixReady partner: Certified for the latest versions of Citrix XenApp and Citrix XenDesktop, and Citrix Azure
• VMWare technology alliance partner: VMWare Horizon
• Opswat bronze partner: Tested by Opswat for quality, false positives, and compatibility with over 1,000 devices from 40+ leading access control vendors
• RSA Netwitness partner: Certified interoperability with RSA Netwitness Integrations
• SIEM Integrations: McAfee Enterprise Security Manager, Splunk Enterprise Security, IBM QRadar, HP Arcsite, Rapid7 InsightIDR
ABOUT MORPHISEC
Morphisec has revolutionized endpoint protection with its Moving Target Defense technology, which instantly and deterministically stops the most dangerous and evasive attacks while allowing companies to cut operational costs. With a true prevention-first approach to stopping zero-days, with no false positives, Morphisec eliminates the complexity and burden for organizations struggling to respond to cyberattacks.
ENDPOINT PROTECTOR
Hardware Hardware recommended by Microsoft to run the software
Software A physical or virtual image running the following:Microsoft Windows 7 (32-bit and 64-bit) with a Windows update that supports SHA-2; Microsoft Windows 7, Service Pack 1 (32-bit and 64-bit);Microsoft Windows 8, 8.1; Microsoft Windows 10; Microsoft Windows Server 2008 R2, 2012/2012 R2, 2016
In addition, the image must include Microsoft .net 4.0 or later.
MANAGEMENT SERVER
Hardware Intel 64-bit Pentium 2 CPU 4 core or 8 core hyper threading, Recommended RAM 16GDisk size: Recommended 1T, minimum 250GDisk: Recommended: Raid 5 with backup. Minimum: Raid 1
Software A physical or virtual image running Microsoft Windows Server 2012 R2 or later.
TECHNICAL SPECIFICATIONS AND REQUIREMENTS
www.morphisec.com© 2019 Morphisec Inc.
MORPHISEC UNIFIED THREAT PREVENTION